Welcome to GeekPolice!

Our Appeal to YOU: Please join and help us grow this website. We truly love technology and security and we want to share it with the world. Recognize the excitement of technology here daily:☞Security Discussion on malware, ransomware, and much more!
☞24/7 hard- and software tech support (+mobile!)
☞Virus and malware removal support
☞Tons of tutorials, guides and solutions
☞The very finest of our voluntary Support Staff
☞Much, much more absolutely FREE of any charge!

Note to non-members: Guests are able to open topics and reply to posts; however, guests are not allowed to create their own profile, unless they register (which you can do so below). By registering, you unlock many more capabilities of this site, and are able to interact with other members including making friends! Who wouldn't love a friendly tech community? Join us now!

My laptop computer is infected with the thinkpoint virus. Right now, I can't do anything on the machine. (I'm using an old computer now.) I need to first get some functionality on the laptop, so I can carry out the start steps explained in the introductory piece, and any other instructions you might give.

The computer uses the Vista version of Windows. The only thing I can get to besides thinkpoint is the task manager.

My name is TheAvatar and I will be tying to help you resolve your issues.

If you have already received help elsewhere please inform me so that this topic can be closed.

If you haven't, please keep reading.Note Before we start the process you should:

POST your logs, don't attach them, as it makes it harder to read.

Each time I instruct you to download a file to use it, please do it even if I have told you before to download it again. This is because these tools are frequently updated to detect newer infections.

Please be patient, there is no quick fix for malware. Removal can take several attempts. Just because symptoms have gone away, does not mean the infection is gone.

Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.

If I have not replied to your thread within 2 days, please PM me.

=========

I take it you have access to another computer and a USB flash drive? If not please inform me. I want you to download these tools off the clean computer onto the flash drive. Then execute them in safe mode. Thanks.

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

1.Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)There are 3 different versions. If one of them won't run then download and try to run the other one.Vista and Win7 users need to right click and choose Run as AdminYou only need to get one of them to run, not all of them.

You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message. Run rkill repeatedly until it's able to do it's job. This may take a few tries. You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.

Once the tool has run, do NOT reboot the machine. Try immediately to run OTL (step 2)

2.

Download OTL to your desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

When the window appears, underneath Output at the top change it to Minimal Output.

Check the boxes beside LOP Check and Purity Check.

Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Thank you for responding to my plight. Since my original message, the bad program must have taken a nap, as I have been able to log on more or less normally. I have trouble getting to websites, but i can get by. I've installed the latest version of Java. I tried to do the Javare thing, but I don't have the zip program, I've exhausted my free trial with them, and this does not seem to be a good time to flash a credit card number on my screen.

My laptop has USB ports, but the old computer I'm typing this on has none. I could either download files on the infected computer, or, if they were small enough, I could write to a CD (but not a DVD) to pass files to the infected machine. While I'm waiting for your response, I'll try the latter.

I was unable to copy any files from my old computer to the infected one, so i've done everything on the infected computer, in safe mode. I ran each of the rkill programs 5 or more times, but they didn't seem to do anything. I then downloaded and ran OTL, and here are the logs from that:

Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.Boot Mode: SafeMode with Networking | Scan Mode: Current userCompany Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days